Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/jEOS-MGGPZBNe36BHbgUklWcEyM.roa
File: jEOS-MGGPZBNe36BHbgUklWcEyM.roa (raw, json)
Hash identifier: Ng68GbqqoH7ioXbbVwT8pFqktiscU4K27QVJjGa6zhw=
Subject key identifier: 8C:43:92:F8:C1:86:3D:90:4D:7B:7E:81:1D:B8:14:92:55:9C:13:23
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 018E84F83DAD232CA0848684727599A1C578
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/jEOS-MGGPZBNe36BHbgUklWcEyM.roa
Signing time: Thu 28 Mar 2024 12:10:44 +0000
ROA not before: Thu 28 Mar 2024 12:10:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1136
IP address blocks: 37.251.0.0/17 maxlen: 17
62.131.0.0/16 maxlen: 16
62.251.0.0/17 maxlen: 17
77.160.0.0/13 maxlen: 13
77.168.0.0/14 maxlen: 14
77.172.0.0/16 maxlen: 16
77.173.0.0/16 maxlen: 16
77.174.0.0/16 maxlen: 16
77.175.0.0/16 maxlen: 16
77.175.0.0/17 maxlen: 17
77.175.128.0/17 maxlen: 17
80.60.0.0/15 maxlen: 15
81.204.0.0/14 maxlen: 14
82.136.192.0/18 maxlen: 18
82.168.0.0/14 maxlen: 14
82.168.0.0/15 maxlen: 15
82.168.0.0/17 maxlen: 17
82.168.128.0/18 maxlen: 18
82.168.192.0/19 maxlen: 19
82.168.224.0/19 maxlen: 19
82.169.0.0/18 maxlen: 18
82.169.64.0/19 maxlen: 19
82.169.96.0/19 maxlen: 19
82.169.128.0/19 maxlen: 19
82.169.160.0/19 maxlen: 19
82.169.192.0/18 maxlen: 18
82.170.0.0/16 maxlen: 16
84.80.0.0/13 maxlen: 13
84.80.0.0/16 maxlen: 16
84.82.0.0/15 maxlen: 15
84.84.0.0/14 maxlen: 14
85.113.224.0/19 maxlen: 19
86.80.0.0/12 maxlen: 12
86.80.0.0/13 maxlen: 13
86.88.0.0/15 maxlen: 15
86.90.0.0/16 maxlen: 16
86.92.0.0/14 maxlen: 14
88.159.0.0/16 maxlen: 16
188.142.0.0/17 maxlen: 17
195.240.0.0/16 maxlen: 16
195.240.0.0/17 maxlen: 17
195.240.128.0/18 maxlen: 18
195.240.192.0/18 maxlen: 18
195.241.0.0/16 maxlen: 16
212.123.128.0/18 maxlen: 18
212.182.128.0/18 maxlen: 18
212.238.0.0/16 maxlen: 16
213.10.0.0/16 maxlen: 16
213.84.0.0/16 maxlen: 16
213.197.0.0/18 maxlen: 18
2a02:a400::/25 maxlen: 25
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:f8:3d:ad:23:2c:a0:84:86:84:72:75:99:a1:c5:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Mar 28 12:10:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c4392f8c1863d904d7b7e811db81492559c1323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:36:11:3d:1e:be:88:ef:4b:11:91:de:48:70:
da:2a:ea:37:ba:8f:2a:1a:46:88:1e:bd:aa:a7:bc:
d2:41:c2:c9:1f:07:cb:73:59:41:f3:a1:4f:e8:ef:
d5:f3:b9:e8:37:35:01:51:e8:d2:02:a8:6b:78:20:
0d:4f:67:da:91:6f:28:95:af:a3:9b:17:26:c9:9c:
37:1f:63:54:f5:41:25:3f:da:a9:cc:dc:cd:27:ea:
6a:50:62:a3:08:89:0c:8f:63:20:cf:35:3d:f4:d0:
ae:27:7f:3e:c1:d2:b5:05:98:72:a5:ce:09:0b:01:
7f:4e:22:bf:48:48:fc:f0:4f:f0:ef:90:21:35:6d:
6e:11:36:78:9d:92:43:3a:e5:ad:1f:7c:c5:d0:22:
97:41:f2:f4:11:b4:8c:c1:3a:57:17:9d:ca:04:2b:
19:a6:98:37:be:fd:98:be:0a:de:8a:a5:53:18:58:
23:50:c9:ec:fa:c8:36:5b:e1:0a:dd:a0:6f:8b:12:
c7:ed:90:23:5e:df:22:ea:8a:03:f0:7a:9e:36:18:
3a:cd:a2:2c:ab:60:63:99:55:7c:2d:23:d3:d9:c3:
5e:ee:1f:c7:1c:00:99:a7:06:33:dc:d7:49:32:77:
ea:bf:4f:b8:ba:3f:7e:f3:2d:34:e0:9d:cc:e5:63:
44:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:43:92:F8:C1:86:3D:90:4D:7B:7E:81:1D:B8:14:92:55:9C:13:23
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/jEOS-MGGPZBNe36BHbgUklWcEyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.0.0/17
62.131.0.0/16
62.251.0.0/17
77.160.0.0/12
80.60.0.0/15
81.204.0.0/14
82.136.192.0/18
82.168.0.0/14
84.80.0.0/13
85.113.224.0/19
86.80.0.0/12
88.159.0.0/16
188.142.0.0/17
195.240.0.0/15
212.123.128.0/18
212.182.128.0/18
212.238.0.0/16
213.10.0.0/16
213.84.0.0/16
213.197.0.0/18
IPv6:
2a02:a400::/25
Signature Algorithm: sha256WithRSAEncryption
b0:5f:68:b7:0a:c5:ba:d7:26:17:d0:c8:e1:4c:28:aa:f9:2b:
bc:43:0d:80:84:d3:0a:46:7c:ee:0d:1f:1f:38:52:e4:22:59:
1f:27:a3:63:ba:f5:38:0c:33:17:9f:41:1d:a2:b3:3e:1a:3c:
1e:2a:7e:ab:2a:2b:d1:95:c2:7f:7a:43:25:51:f8:6b:58:c6:
56:b2:9e:4e:dc:40:ec:00:35:46:e1:d5:9e:2c:e6:a5:ba:eb:
74:c4:0a:66:c5:44:dd:f3:6e:18:79:02:1b:2e:0a:ba:49:b3:
12:6e:72:86:0d:c9:43:97:92:56:b4:c3:64:ea:90:42:15:1a:
a2:1d:8d:32:e1:7f:e5:05:61:57:4e:78:c0:79:5b:98:57:16:
1a:72:b1:b3:7c:28:d6:86:df:0e:31:8b:22:93:57:2f:a1:2c:
42:ad:f2:0a:fc:92:4a:47:31:a4:1a:a7:6e:9f:4e:49:b1:30:
ab:11:61:3b:8e:e7:15:bc:97:63:c8:a0:c4:d1:d3:68:fa:36:
f6:3e:19:10:ec:30:8e:65:54:c6:c9:ee:34:92:0e:32:da:86:
9b:79:ab:d3:7b:19:7e:90:a7:6a:a8:7b:3c:12:e9:ce:6d:19:
67:88:44:e0:eb:98:fe:69:c0:0f:94:59:21:c8:4e:9f:40:e2:
67:c9:6f:64
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAY6E+D2tIyyghIaEcnWZocV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjQwMzI4MTIxMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzQzOTJmOGMxODYzZDkwNGQ3YjdlODExZGI4MTQ5MjU1OWMxMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzYRPR6+iO9LEZHeSHDaKuo3uo8q
GkaIHr2qp7zSQcLJHwfLc1lB86FP6O/V87noNzUBUejSAqhreCANT2fakW8ola+j
mxcmyZw3H2NU9UElP9qpzNzNJ+pqUGKjCIkMj2MgzzU99NCuJ38+wdK1BZhypc4J
CwF/TiK/SEj88E/w75AhNW1uETZ4nZJDOuWtH3zF0CKXQfL0EbSMwTpXF53KBCsZ
ppg3vv2YvgreiqVTGFgjUMns+sg2W+EK3aBvixLH7ZAjXt8i6ooD8HqeNhg6zaIs
q2BjmVV8LSPT2cNe7h/HHACZpwYz3NdJMnfqv0+4uj9+8y004J3M5WNEuQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFIxDkvjBhj2QTXt+gR24FJJVnBMjMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvakVPUy1NR0dQWkJOZTM2QkhiZ1VrbFdjRXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQHJfsA
AwMAPoMDBAc++wADAwRNoAMDAVA8AwMCUcwDBAZSiMADAwJSqAMDA1RQAwQFVXHg
AwMEVlADAwBYnwMEB7yOAAMDAcPwAwQG1HuAAwQG1LaAAwMA1O4DAwDVCgMDANVU
AwQG1cUAMA0EAgACMAcDBQcqAqQAMA0GCSqGSIb3DQEBCwUAA4IBAQCwX2i3CsW6
1yYX0MjhTCiq+Su8Qw2AhNMKRnzuDR8fOFLkIlkfJ6NjuvU4DDMXn0EdorM+Gjwe
Kn6rKivRlcJ/ekMlUfhrWMZWsp5O3EDsADVG4dWeLOaluut0xApmxUTd824YeQIb
Lgq6SbMSbnKGDclDl5JWtMNk6pBCFRqiHY0y4X/lBWFXTnjAeVuYVxYacrGzfCjW
ht8OMYsik1cvoSxCrfIK/JJKRzGkGqdun05JsTCrEWE7jucVvJdjyKDE0dNo+jb2
PhkQ7DCOZVTGye40kg4y2oabeavTexl+kKdqqHs8EunObRlniETg65j+acAPlFkh
yE6fQOJnyW9k
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:03:16 2025 by rpki-client